1. Field of the Invention
The present invention relates to an encryption system for decoding encrypted data recorded in a portable storage medium, and in particular to an encryption system for distributing a common crypt key using encryption information in BCA (burst cutting area) of a DVD-ROM.
2. Description of the Prior Art
In order to protect data in CD-ROM or DVD-ROM from being copied illegally, data are generally encrypted. There will be no meaning in the encryption unless a common crypt key for restoring the encrypted data is safely distributed, and it is necessary to have a method to safely distribute a common crypt key. One of the methods for safe distribution of the common crypt key is a method to use a public key encryption. FIG. 3 is a block diagram of a DVD-ROM encryption system designed according to conventional common technique in order to acquire a common crypt key using a public key encryption method.
Description will be given now on the method to acquire a common crypt key by the public key encryption method referring to FIG. 3. Here, it is assumed that a user A receives a common crypt key from a server B on on-line basis. It is also assumed that the data encrypted by the common crypt key is at hand (on DVD-ROM) of the user A and that the user A can specify the index information which can designate a common crypt key required. In acquiring the common crypt key, it is generally necessary to take the following procedure:
(1) A request to acquire a common crypt key is given from the user A to the server B.
(1-1) An index information to specify a common crypt key of what is to be acquired is obtained.
(1-2) An information for the request is prepared by random information such as the current time.
(1-3) A hash value is calculated from the information for request using hash function.
(1-4) Secret key of the user A is read from an IC card 15.
(1-4-1) To the IC card 15 storing the secret key, the user A is requested to enter a password.
(1-4-2) An IC card reader checks whether the password is correct or not and reads the stored secret key.
(1-5) Using the secret key of the user A, signature is calculated from the hash value.
(1-6) A public key certificate of the user A is obtained from a storage device (hard disk) of a personal computer.
(1-7) A public key of the server B is obtained from a certificate issuing center 4.
(1-8) To the information and the signature for request, RSA encryption is performed using the public key of the server B, and it is sent to the server B together with the public key certificate of the user A.
(2) The server B authenticates the request from the user A.
(2-1) To the public key certificate of the user A, correctness is confirmed using the public key of the certificate issuing center 4, and the public key of the user A is obtained.
(2-2) The secret key of the server B is read from an IC card 25. (The same procedure as in (1-4)).
(2-3) The information and the signature for the request are restored using the secret key of the server B.
(2-4) Hash value X is calculated from the information for request using hash function.
(2-5) Hash value Y is restored using the public key of the user A from the signature of the user A.
(2-6) It is checked whether the hash value X obtained in the step (2-4) is the same as the hash value Y obtained in the step (2-5). If it is the same, it is confirmed that it is a request information from the user A.
(3) The server B delivers a common crypt key to the user A.
(3-1) The server B specifies a common crypt key necessary from a key DB 22 using request information.
(3-2) An information for response is prepared by adding random information such as the current time.
(3-3) Hash value is calculated from the information for response using hash function.
(3-4) The secret key of the server B is read from the IC card 25. (The same procedure as in (1-4))
(3-5) Using the secret key of the server B, signature is calculated from the hash value.
(3-6) A public key certificate of the server B is obtained from a storage device (hard disk) 26 of a personal computer.
(3-7) To the information and the signature for response, RSA encryption is performed using the public key of the user A, and it is transmitted to the user A together with the public key certificate of the server B.
(4) The user A authenticates the response from the server B, obtains the common crypt key, and restores the data.
(4-1) To the public key certificate of the server B, correctness is confirmed using the public key at the certificate issuing center 4, and the public key of the server B is obtained.
(4-2) The secret key of the user A is read from the IC card 15. (The same procedure as in (1-4))
(4-3) Using the secret key of the user A, the information and the signature for response are restored.
(4-4) Hash value U is calculated from the information for the response using hash function.
(4-5) Hash value V is restored using the public key of the server B from the signature of the server B.
(4-6) It is checked whether the hash value U obtained in the step (4-4) is the same as the hash value V obtained in the step (4-5). If it is the same, it is confirmed that it is response information from the server B.
(4-7) From the information for response, the common crypt key is separated, and a common crypt key is obtained.
(4-8) From encryption data in DVD-ROM 12, the data is restored by the common crypt key.
As far as each secret key is protected by the above method, it is almost perfectly possible to defend against wire tapping on communication route or against attacker who pretends to be or disguises as the other user. When the common crypt key has been obtained and if it is stored as it is encrypted by the public key of the user A without directly storing it in hard disk of the personal computer, it is also possible to defend against attack at the time of storage.
In the above procedure, however, it is necessary to check the correctness of the public keys with each other using the public key of the certificate issuing center. Because there is only one secret key respectively, it is necessary to store the key in IC card and the like as described above to ensure safety and to control by password. For this purpose, it is necessary to have a special device (such as IC card reader). This often leads to the problems such as complicated procedure or large-scale design of the system.
Further, safety against attack such as wire tapping of data or disguise or falsification of data depends upon the safety of the control of the secret key of each individual. In this respect, even when the system itself is robust and durable, the safety of the entire system depends upon the managing and controlling ability of each individual. In this sense, the more the users are increased, the bigger the problem may become in actual operation of the system.
To solve the above problems, it is an object of the present invention to safely distribute a common crypt key such as DVD-ROM by simplified devices and procedure.
To solve the above problems, in the encryption system according to the present invention, an encrypted data decryption device comprises means for sending a data request to a data encryption device, and means for decrypting the data received from the data encryption device using a medium specific information, and the data encryption device comprises means for obtaining the medium specific information corresponding to data request by searching a medium specific information data base, and means for encrypting and transmitting transmission data using the medium specific information. With such an arrangement, it is possible to encrypt and transmit the data using the medium specific information already distributed as a crypt key by simple devices and procedure.
Also, in a terminal equipment such as a DVD-ROM system, there is provided means for decrypting the received data using BCA data, and the center device comprises means for obtaining BCA data of a user by searching BCA data base, and means for encrypting and transmitting the transmission data using BCA data. With such an arrangement, it is possible to encrypt and transmit the data using BCA data of DVD-ROM already distributed as a crypt key by simple devices and procedure.
Further, on the data encryption device (e.g. a center device of DVD-ROM system), there is further provided means for authenticate the user by searching a user data base in response to the data request. With such an arrangement, it is possible to authenticate the user by simple devices and procedure.
Also, in the encrypted data decryption device (e.g. a terminal equipment of DVD-ROM system), there is provided means for sending a key data request to a center device, and the center device comprises means for obtaining a common crypt key by searching a key data base, and means for encrypting and transmitting the common crypt key using BCA data. With such an arrangement, it is possible to encrypt and transmit the common crypt key by simple devices and procedure.
Further, in a center device of DVD-ROM system, for example, there is provided means for encrypting and transmitting a common crypt key using a combination of a part of BCA data and a user identification information (e.g. membership number), and the terminal equipment comprises means for decrypting the received encrypted common crypt key using a combination of a part of BCA data and the membership number. With such an arrangement, it is possible to encrypt and transmit the common crypt key more safely by simple devices and procedure.
Further, on a center device of DVD-ROM system, for example, there are provided means for obtaining a crypt key paired with a decryption key contained in BCA data and means for encrypting transmission data using the crypt key, and the terminal equipment comprises means for decrypting the encrypted transmission data using the decryption key. Further, the above pair of the decryption key and the crypt key is in some cases a public key and a secret key in the public key encryption method respectively. With such an arrangement, it can be designed in such manner that the crypt key is practically impossible to calculate from the decryption key. Thus, it is possible to encrypt and transmit the data safely even by simple devices and procedure and to exclude the attacks such as disguise as the center device or falsification of data.
The encryption system according to the present application comprises a data encryption device for encrypting data and an encrypted data decryption device for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the devices, whereby the encrypted data decryption device comprises means for driving a portable storage medium having medium specific information specific to each medium, means for sending a data request to the data encryption device, and means for decrypting the data received from the data encryption device using the medium specific information, and the data encryption device comprises a data base for storing the medium specific information specific to each portable storage medium, means for obtaining medium specific information corresponding to the data request by searching the data base, and means for encrypting and transmitting the request data using the medium specific information.
By using the medium specific information already distributed as the crypt key, it is possible to obtain an effect to encrypt and transmit the data by simple devices and procedure.
The encryption system according to the present application comprises a center device for encrypting data and a terminal equipment for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the device and equipment, whereby the terminal equipment comprises means for driving a DVD-ROM having BCA data, which is medium specific information specific to each medium, means for sending a data request to the center device, and means for decrypting the data received from the center device using the BCA data, and the center device comprises BCA data base for storing BCA data specific to each DVD-ROM, means for obtaining BCA data corresponding to the data request by searching the data base, and means for encrypting and transmitting the requested data using the BCA data.
By using BCA data already distributed as a crypt key, it is possible to obtain an effect to encrypt and transmit the data by simple devices and procedure.
The encryption system according to the present application comprises a data encryption device for encrypting data, and an encrypted data decryption device for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the devices, whereby the encrypted data decryption device comprises means for driving a portable storage medium having medium specific information specific to each medium, means for sending a data request to the data encryption device and means for decrypting the data received from the data encryption device using the medium specific information, and the data encryption device comprises a medium specific information data base for storing medium specific information specific to each portable storage medium, a user data base for accumulating information relating to users who utilizes the present system, means for authenticate the user of the encrypted data decryption device by searching the user data base in response to the data request, means for obtaining the medium specific information corresponding to the data request by searching the medium specific information data base, and means for encrypting and transmitting the requested data using the medium specific information.
By using BCA data already distributed as the crypt key, it is possible to obtain an effect to authenticate the user and to encrypt and transmit the data by simple devices and procedure.
The encryption system according to the present application comprises a data encryption device for encrypting data, and an encrypted data decryption device for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the devices, whereby the encrypted data decryption device comprises means for driving portable storage medium having medium specific information specific to each medium, means for sending a key data request to the data encryption device, and means for decrypting the key data received from the data encryption device using the medium specific information, and the data encryption device comprises a medium specific information data base for storing medium specific information specific to each portable storage medium, a key data base for storing a common key, means for obtaining a medium specific information corresponding to the key data request by searching the medium specific information data base, means for obtaining a common crypt key corresponding to the key data request by searching the key data base, and means for transmitting the key data, which has been obtained by encrypting the common crypt key using the medium specific information.
By using BCA data already distributed as a crypt key, it is possible to obtain an effect to encrypt and transmit the common crypt key by simple devices and procedure.
The encryption system according to the present application comprises a data encryption device for encrypting data, and an encrypted data decryption device for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the devices, whereby the encrypted data decryption device comprises means for driving portable storage medium having medium specific information specific to each medium, means for sending a key data request to the data encryption device, and means for decrypting the key data received from the data encryption device using a part of the medium specific information, and the data encryption device comprises a medium specific information data base for storing medium specific information specific to each portable storage medium, a key data base for storing a common key, means for obtaining a medium specific information corresponding to the key data request by searching the medium specific information data base, means for obtaining a common crypt key corresponding to the key data request by searching the key data base, and means for transmitting the key data, which has been obtained by encrypting the common crypt key using a part of the medium specific information.
By using a part of BCA data already distributed, it is possible to obtain an effect to encrypt and transmit the common crypt key by simple devices and procedure.
The encryption system according to the present application comprises a data encryption device for encrypting data, and an encrypted data decryption device for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the devices, whereby the encrypted data decryption device comprises means for driving portable storage medium having medium specific information specific to each medium, means for sending a key data request to the data encryption device, and means for decrypting the key data received from the data encryption device using a combination of a part of the medium specific information and a user identification information capable to identify a user who utilizes the present system, and the data encryption device comprises a medium specific information data base for storing medium specific information specific to each portable storage medium, a key data base for storing a common key, means for obtaining medium specific information corresponding to the key data request by searching the medium specific information data base, means for obtaining a common crypt key corresponding to the key data request by searching the key data base, and means for transmitting the key data, which has been obtained by encrypting the common crypt key using a combination of a part of the medium specific information with the user identification information.
By using a combination of a part of BCA data already distributed and the membership number, it is possible to encrypt and transmit the common crypt key by simple devices and procedure.
The encryption system according to the present application comprises a data encryption device for encrypting data, and an encrypted data decryption device for decrypting the encrypted data, and the data can be transmitted or received via network or bus between the devices, whereby the encrypted data decryption device comprises means for driving portable storage medium having medium specific information specific to each medium, means for sending a data request to the data encryption device, and means for decrypting the data received from the data encryption device using a decryption key contained in the medium specific information, and the data encryption device comprises a data base for storing medium specific information specific to each portable storage medium, means for obtaining a crypt key paired with a decryption key in the medium specific information corresponding to the data request by searching the data base, and means for encrypting and transmitting the requested data using the crypt key.
By using keys, which make up a pair and are different from each other with respect to encryption and decryption of transmission data and by using a decryption key contained in BCA data already distributed, it is possible to safely encrypt and transmit the data and to exclude the attacks such as disguise as the center device or falsification of data even by simple devices and procedure.
The encryption system according to claim 8 of the present application is the same as the encryption system according to claim 7, wherein the pair of the decryption key and the crypt key are a public key and a secret key in a public key encryption method.
In encryption and decryption of transmission data, encryption is carried out using the secret key of the public key encryption method, and decryption is carried out by the public key contained in BCA data already distributed. With such an arrangement, it can be designed in such manner that the crypt key is practically impossible to calculate from the decryption key. Thus, it is possible to safely encrypt and transmit the data even by simple devices and procedure and to exclude the attacks such as disguise as the center device or falsification of data.